forgejo/routers/web/repo/setting
Gusted 0b17346cff
fix(sec): web route update and delete runner variables
The web route to update and delete variables of runners did not check if
the ID that was given belonged to the context it was requested in; this
made it possible to update and delete every existing runner variable of
an instance for any authenticated user.

The code has been reworked to always take into account the context of
the request (owner and repository ID).
2025-02-08 07:21:14 +00:00
avatar.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
collaboration.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
default_branch.go [ACTIONS] port scheduled actions from Gitea 2024-03-26 16:51:56 +01:00
deploy_key.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
git_hooks.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
lfs.go Show lock owner instead of repo owner on LFS setting page (#31788) 2024-08-18 05:47:06 +02:00
main_test.go make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
protected_branch.go [PORT] gitea#30430: Fix rename branch 500 when the target branch is deleted but exist in database 2024-04-15 16:03:09 +02:00
protected_tag.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
runners.go fix(sec): web route delete runner 2025-02-08 07:21:14 +00:00
secrets.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
setting.go feat: allow changing default branch update style 2024-12-23 18:55:25 +03:00
settings_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
variables.go fix(sec): web route update and delete runner variables 2025-02-08 07:21:14 +00:00
webhook.go [CHORE] Use forked `binding` library 2024-11-05 22:47:34 +01:00